Section: New Software and Platforms
CADP Pro
Construction and Analysis of Distributed Processes
Keywords: Formal methods  Verification
Functional Description: CADP (Construction and Analysis of Distributed Processes – formerly known as CAESAR/ALDEBARAN Development Package) [4] is a toolbox for protocols and distributed systems engineering.
In this toolbox, we develop and maintain the following tools:

CAESAR.ADT [40] is a compiler that translates LOTOS abstract data types into C types and C functions. The translation involves patternmatching compiling techniques and automatic recognition of usual types (integers, enumerations, tuples, etc.), which are implemented optimally.

CAESAR [46], [45] is a compiler that translates LOTOS processes into either C code (for rapid prototyping and testing purposes) or finite graphs (for verification purposes). The translation is done using several intermediate steps, among which the construction of a Petri net extended with typed variables, data handling features, and atomic transitions.

OPEN/CAESAR [41] is a generic software environment for developing tools that explore graphs on the fly (for instance, simulation, verification, and test generation tools). Such tools can be developed independently of any particular high level language. In this respect, OPEN/CAESAR plays a central role in CADP by connecting languageoriented tools with modeloriented tools. OPEN/CAESAR consists of a set of 16 code libraries with their programming interfaces, such as:

CAESAR GRAPH, which provides the programming interface for graph exploration,

CAESAR SOLVE, which resolves Boolean equation systems on the fly,

CAESAR STACK, which implements stacks for depthfirst search exploration, and

CAESAR TABLE, which handles tables of states, transitions, labels, etc.
A number of onthefly analysis tools have been developed within the OPEN/CAESAR environment, among which:

BISIMULATOR, which checks bisimulation equivalences and preorders,

CUNCTATOR, which performs steadystate simulation of continuoustime Markov chains,

DETERMINATOR, which eliminates stochastic nondeterminism in normal, probabilistic, or stochastic systems,

DISTRIBUTOR, which generates the graph of reachable states using several machines,

EXHIBITOR, which searches for execution sequences matching a given regular expression,

PROJECTOR, which computes abstractions of communicating systems,

REDUCTOR, which constructs and minimizes the graph of reachable states modulo various equivalence relations,

SIMULATOR, XSIMULATOR, and OCIS, which enable interactive simulation, and


BCG (Binary Coded Graphs) is both a file format for storing very large graphs on disk (using efficient compression techniques) and a software environment for handling this format. BCG also plays a key role in CADP as many tools rely on this format for their inputs/outputs. The BCG environment consists of various libraries with their programming interfaces, and of several tools, such as:

BCG EDIT, which allows the graph layout produced by BCG DRAW to be modified interactively,

BCG GRAPH, which generates various forms of practically useful graphs,

BCG INFO, which displays various statistical information about a graph,

BCG IO, which performs conversions between BCG and many other graph formats,

BCG LABELS, which hides and/or renames (using regular expressions) the transition labels of a graph,

BCG MIN, which minimizes a graph modulo strong or branching equivalences (and can also deal with probabilistic and stochastic systems),

BCG STEADY, which performs steadystate numerical analysis of (extended) continuoustime Markov chains,

BCG TRANSIENT, which performs transient numerical analysis of (extended) continuoustime Markov chains, and

XTL (eXecutable Temporal Language), which is a high level, functional language for programming exploration algorithms on BCG graphs. XTL provides primitives to handle states, transitions, labels, successor and predecessor functions, etc.
For instance, one can define recursive functions on sets of states, which allow evaluation and diagnostic generation fixed point algorithms for usual temporal logics (such as HML [49], CTL [37], ACTL [38], etc.) to be defined in XTL.

PBG (Partitioned BCG Graph) is a file format implementing the theoretical concept of Partitioned LTS [44] and providing a unified access to a graph partitioned in fragments distributed over a set of remote machines, possibly located in different countries. The PBG format is supported by several tools, such as:

PBG CP, PBG MV, and PBG RM, which facilitate standard operations (copying, moving, and removing) on PBG files, maintaining consistency during these operations,

PBG MERGE (formerly known as BCG MERGE), which transforms a distributed graph into a monolithic one represented in BCG format,

PBG INFO, which displays various statistical information about a distributed graph.


The connection between explicit models (such as BCG graphs) and implicit models (explored on the fly) is ensured by OPEN/CAESARcompliant compilers, e.g.:

FSP.OPEN, for models expressed as FSP [53] descriptions,

SEQ.OPEN, for models represented as sets of execution traces.
The CADP toolbox also includes TGV (Test Generation based on Verification), which has been developed by the VERIMAG laboratory (Grenoble) and Inria Rennes – BretagneAtlantique.
The CADP tools are wellintegrated and can be accessed easily using either the EUCALYPTUS graphical interface or the SVL [42] scripting language. Both EUCALYPTUS and SVL provide users with an easy and uniform access to the CADP tools by performing file format conversions automatically whenever needed and by supplying appropriate commandline options as the tools are invoked.